<? 
session_start();
				
include ('conn.php');
				
$db = get_conn();
				
check_session();
		  
if ($_POST['Agregar']!=""){
	$sql = "INSERT INTO vehicules (id_location,id,notes) VALUES (
	".($_POST['id_location']).",
	\"".htmlspecialchars($_POST['id'])."\",
	\"".htmlspecialchars($_POST['notes'])."\")";
			
	$result = mysql_query($sql);
			
 	if(!$result){
 		error_handling('vehicules.insert  - '.$sql,mysql_error());
 	}else{
		$current = mysql_insert_id();
		save_vehicules_options($current,$_POST['id_option']);
	  
		if($_SESSION['session_is_admin'] !=1){
			do_redirect('../welcome_user.php'); 	  
		}	
	}				  
		 
}//Agregar
		  
if ($_POST['Actualizar']!=""){
			
	$sql = "update vehicules set 
	id_location=".$_POST['id_location'].",
	id=\"".htmlspecialchars($_POST['id'])."\",
	notes=\"".htmlspecialchars($_POST['notes'])."\"
 
	where id_vehicule=".$_POST['id_vehicule'];
			 
			
	$result = mysql_query($sql);
			
	if(!$result){
		error_handling('vehicules.update - '.$sql,mysql_error());
	}else{
		save_vehicules_options($_POST['id_vehicule'],$_POST['id_option']);		
		if($_SESSION['session_is_admin'] !=1){
			do_redirect('../welcome_user.php'); 	  
		}			
	}				  
		 
}//update
		  
if ($_POST['Eliminar']!=""){


	$sql = "delete from vehicules_options_granted where id_vehicule=".$_POST['id_vehicule'];
	$result = mysql_query($sql);
	if(!$result){
		error_handling('vehicules_options_granted.delete - '.$sql,mysql_error());
	}			
	
	$sql = "delete from vehicules where id_vehicule=".$_POST['id_vehicule'];
	$result = mysql_query($sql);
	if(!$result){
		error_handling('vehicules.delete - '.$sql,mysql_error());
	}		
	
	if($_SESSION['session_is_admin'] !=1){
		do_redirect('../welcome_user.php'); 	  
	}				  
		 
}//delete


if ($_POST['Nuevo']!=""){

	do_redirect('../welcome_user.php'); 	  
		 
}//delete


		echo "
				<html>
				<head> 
				<script src='tools/modal/jquery-1.4.2.js'     type='text/javascript'></script>
				<script type='text/javascript'>
				function callback(){
					parent.refresh_cars(".$_POST['id_location'].",'".$_POST['layer']."');
					parent.$.modal().close();
				}
				</script>
				</head>
				<body onLoad='callback();'></body>
				</html>	
		
		";	
		
		


  function save_vehicules_options($id_vehicule,$id_option){
	$sql="delete from vehicules_options_granted where id_vehicule=".$id_vehicule;
	$result = mysql_query($sql);
	if(!$result){
		error_handling(__FUNCTION__.$sql,mysql_error());
	}
	
	if( is_array($id_option)){
		for($i=0; $i < count($id_option); $i++){
			$sql="INSERT INTO vehicules_options_granted (id_vehicule, id_option) VALUES (".$id_vehicule.", ".$id_option[$i].")";
			$result = mysql_query($sql);
			if(!$result){
				error_handling(__FUNCTION__.$sql,mysql_error());
			}
		}
	}else{
		if($id_option !=''){
			$sql="INSERT INTO vehicules_options_granted (id_vehicule, id_option) VALUES (".$id_vehicule.", ".$id_option.")";
			$result = mysql_query($sql);
			if(!$result){
				error_handling(__FUNCTION__.$sql,mysql_error());
			}			
		}	
	}
  }		
?>

